/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
DB::transaction(function () {
// create admin user
$root = factory(App\User::class)->create(['name' => 'Administrator', 'email' => '*****@*****.**', 'password' => bcrypt('123456'), 'username' => 'admin', 'location' => 'Da Nang', 'country' => 'Viet Nam', 'biography' => 'Dev', 'occupation' => 'Dev', 'website' => 'greenglobal.vn', 'image' => 'avatar.jpg']);
// create default roles
$admin = new Role();
$admin->name = 'admin';
$admin->display_name = 'Administrator';
$admin->description = 'User is allowed to manage all system.';
$admin->active = 1;
$admin->save();
// create default guest roles
$guest = new Role();
$guest->name = 'guest';
$guest->display_name = 'Guest';
$guest->description = 'User are not logged in.';
$guest->active = 1;
$guest->save();
// attach roles
$root->attachRole($admin);
// create root permission
$admin = new NodePermission();
$admin->name = 'Root';
$admin->display_name = 'Root permission';
$admin->description = 'The root.';
$admin->save();
// create all permission to admin
$root = new PermissionRole();
$root->permission_id = 1;
$root->role_id = 1;
$root->status = 1;
$root->save();
});
}
public function can($permissions, $arguments = [])
{
// Get param
$userId = Auth::user()->id;
// Get roles
$listRole = (new RoleUser())->getUserRole($userId);
if (empty($listRole) || empty($permissions)) {
return false;
}
if (!is_array($permissions)) {
$permissions = [$permissions];
}
// Get list permissions id
$listPermissions = NodePermission::whereIn('name', $permissions)->lists('id');
// Get permission status
$rolePerm = PermissionRole::whereIn('role_id', $listRole)->whereIn('permission_id', $listPermissions)->get();
if (!$rolePerm->count()) {
return false;
}
foreach ($rolePerm as $perm) {
if ($perm->status == 1) {
return true;
}
}
return false;
}
public function testGetListPermissionNull()
{
$this->withoutMiddleware();
$this->call('POST', '/nodePermission', ['name' => 'Login', 'display_name' => 'User login', 'description' => 'Des', 'parent_id' => 1]);
// CHange root node id
$root = NodePermission::find(1);
$root->id = 0;
$root->save();
$res = $this->call('GET', '/nodePermission');
$this->assertEquals(200, $res->getStatusCode());
$results = json_decode($res->getContent());
$this->assertEquals(null, $results->entities);
}
/**
* List route of a permission
*
* @param permission id
* @return json
*/
public function index($id = null)
{
$node = NodePermission::where('id', $id)->get();
if (!$node->count()) {
return response()->json(null, 404);
}
$routes = PermissionRoute::where('permission_id', $id)->get();
$results = [];
if ($routes->count()) {
foreach ($routes as $route) {
$route = array('id' => $route->id, 'route_method' => $route->route_method, 'route_name' => $route->route_name);
$results[] = (object) $route;
}
}
return response()->json(arrayView('gcl.gclusers::route/browse', ['routes' => $results]), 200);
}
public function testHasManyPermission()
{
// assign new roles with name
$modify = factory(Role::class)->create(['name' => 'modify', 'active' => 1]);
$editor = factory(Role::class)->create(['name' => 'editor', 'active' => 1]);
$user = factory(App\User::class)->create(['password' => bcrypt('123456')]);
$credentials = ['email' => $user->email, 'password' => '123456'];
$token = JWTAuth::attempt($credentials);
// add roles to user
$user->attachRole($modify);
$user->attachRole($editor);
// Post permission tree
NodePermission::model()->tree('[{"id":2, "name":"2"},{"id":3, "name":"3","children":[{"id":4, "name":"4","children":[{"id":5, "name":"5"},{"id":6, "name":"6"}]}]},{"id":7, "name":"7"}]');
// add route to permission
PermissionRoute::setRoutePermissionsRoles(2, '/password', 'PATCH');
PermissionRoute::setRoutePermissionsRoles(2, '/blog/{id}', 'POST');
// set permissons
PermissionRole::create(['permission_id' => 2, 'role_id' => $modify->id, 'status' => 0]);
PermissionRole::create(['permission_id' => 2, 'role_id' => $editor->id, 'status' => 0]);
$res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);
$this->assertEquals(403, $res->getStatusCode());
// set permissons
PermissionRole::create(['permission_id' => 2, 'role_id' => $modify->id, 'status' => 1]);
PermissionRole::create(['permission_id' => 2, 'role_id' => $editor->id, 'status' => 0]);
$res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);
$this->assertEquals(200, $res->getStatusCode());
// set permissons
PermissionRole::create(['permission_id' => 2, 'role_id' => $modify->id, 'status' => 0]);
PermissionRole::create(['permission_id' => 2, 'role_id' => $editor->id, 'status' => 1]);
$res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);
$this->assertEquals(200, $res->getStatusCode());
}
/**
* Get role permission action
*
* @param Request
* @return Response
*/
public function getRolePerm($id = null)
{
if (!Role::find($id)) {
return response()->json(null, 404);
}
$roles = NodePermission::model()->rolePerm($id);
return response()->json(arrayView('gcl.gclusers::nodePermission/read', ['node' => $roles]), 200);
}
public function testCanPermissionAndHasRole()
{
$this->withoutMiddleware();
$user = factory(App\User::class)->create(['password' => bcrypt('123456')]);
$credentials = ['email' => $user->email, 'password' => '123456'];
$token = JWTAuth::attempt($credentials);
$editor = factory(Role::class)->create(['name' => 'editor', 'active' => 1]);
$partner = factory(Role::class)->create(['name' => 'partner', 'active' => 1]);
// add role to user
$user->attachRole($editor);
$this->assertEquals(true, $user->hasRole('editor'));
$this->assertEquals(false, $user->hasRole('admin'));
$this->assertEquals(false, $user->can('delete-user'));
$this->assertEquals(false, $user->can(['delete-user', 'create-user']));
// Add permission
NodePermission::model()->tree('[{"id":2, "name":"2"},{"id":3, "name":"delete-user","children":[{"id":4, "name":"create-post","children":[{"id":5, "name":"5"},{"id":6, "name":"6"}]}]},{"id":7, "name":"7"}]');
PermissionRole::create(['permission_id' => 3, 'role_id' => $editor->id, 'status' => 1]);
$this->assertEquals(true, $user->can('delete-user'));
$this->assertEquals(true, $user->can(['delete-user', 'create-user']));
$this->assertEquals(false, $user->can('create-post'));
$user->attachRole($partner);
PermissionRole::create(['permission_id' => 4, 'role_id' => $partner->id, 'status' => 1]);
$this->assertEquals(true, $user->can('create-post'));
$this->assertEquals(true, $user->can(['create-post', 'delete-post']));
$this->assertEquals(true, $user->can(['create-post', 'delete-post', 'delete-user']));
}
